PinnedLopsegIdeas for Testing CheckoutTips when testing checkout/payment appsDec 22, 2023Dec 22, 2023
PinnedLopsegDigging Deeper: Unearthing Business Logic Vulnerabilities in Web ApplicationsFarzad UnsplashMay 20, 20231May 20, 20231
PinnedLopsegSSRF in import file functionIn this post, I’ll describe how I easily managed to exploit an SSRF vulnerability on target.com, a lot of information will be redacted for…Jul 14, 20201Jul 14, 20201
LopsegNavigating Tree-Sitter Queries with jsluice for JavaScript File AnalysisTree-Sitter Dec 26, 2023Dec 26, 2023
LopsegBeyond Simple Alerts: Techniques for Evading WAF and Achieving XSS SuccessTL;DR If you’re looking for ready-made payloads, go to the end of this blogpost, where I include some interesting ones.Dec 22, 2023Dec 22, 2023
LopseginOSINT TeamEnhancing Bug Bounty Hunting with Lopseg OSINTFree OSINT ToolDec 7, 2023Dec 7, 2023